Changed my mind about password managers after hearing a sysadmin break down the math on reuse

I was at a coffee shop last Tuesday and overheard this guy explaining to his friend how if you reuse a password on even 3 sites and one gets breached, you're basically handing over keys to the other 2. He said something like 'a 12-character unique password has 3x10^21 combos but a reused one might as well be 1 combo across all sites.' That math stuck with me. Made me finally set up Bitwarden that night. Anyone else have a random conversation that flipped your view on security habits?

2 comments

2 Comments

riley5956d ago

OH FOR SURE. That coffee shop guy was dead right and ppl still act like its fine to reuse passwords because "what are the odds." The odds are basically 100 percent once you think about it. I had a similar wakeup call when my cousin showed me his "password vault" spreadsheet and it had like 200 different passwords in it. That was the moment I realized reusing was just lazy math. People dont get that hackers run automated scripts that try your email and password across a hundred sites in seconds. One breach on some random forum and they can clean out your bank account if you used the same password. Its not rocket science its just basic patterns.

gavin_mason316d ago

Nah I gotta push back on @riley595 here because honestly this whole "every site needs a unique password" thing is getting out of hand lol. Like yeah if you're using "password123" on your bank and your email then sure you're asking for trouble. But having 200 different passwords is just overkill for normal people. I use the same password for like 10 random forums and newsletter signups and nothing bad has ever happened. The real trick is just having 2 or 3 tiers - strong ones for important stuff like banking and email, and then a throwaway for everything else. Most hackers are going after the low hanging fruit anyway not checking if your reddit account matches your spotify login.

-1